Encodes input strings for use in application/x-www-form-urlencoded form submissions.
Namespace: Microsoft.Security.Application
Assembly: AntiXssLibrary40 (in AntiXssLibrary40.dll) Version: 4.2.0.0
Syntax
| C# |
|---|
public static string HtmlFormUrlEncode( string input ) |
| Visual Basic |
|---|
Public Shared Function HtmlFormUrlEncode ( _ input As String _ ) As String |
| Visual C++ |
|---|
public: static String^ HtmlFormUrlEncode( String^ input ) |
Parameters
- input
- Type: System..::..String
String to be encoded.
Return Value
Encoded string for use in URLs.Remarks
This function encodes all but known safe characters. Characters are encoded using %SINGLE_BYTE_HEX
and %DOUBLE_BYTE_HEX notation.
Safe characters include:
Example inputs and encoded outputs:
| a-z | Lower case alphabet |
| A-Z | Upper case alphabet |
| 0-9 | Numbers |
| . | Period |
| - | Dash |
| _ | Underscore |
| ~ | Tilde |
| alert('XSS Attack!'); | alert%28%27XSS+Attack%21%27%29%3b |
| [email protected] | user%40contoso.com |
| Anti-Cross Site Scripting Library | Anti-Cross+Site+Scripting+Library |
